<?php
	
	//khoi tao session sư dung

	if($_POST["ok"])//bjen ok co gia trj
	{
		if(empty($_POST["user"]))
			
			echo"<script type='text/javascript'>alert('báº¡n chÆ°a nháº­p user');</script>";
		
		else 
			
			$u=addslashes($_POST["user"]);
		
		if(empty($_POST["pass"]))
				
			echo"<script type='text/javascript'>alert('báº¡n chÆ°a nháº­p pass');</script>";
		
		else
				
			$p=addslashes($_POST["pass"]);

		if($u && $p)
		{
			
			$result=mysql_query("SELECT * FROM thongtin_quantri WHERE ky_danh = '$u' AND mat_khau = '$p'");
			
			if(mysql_num_rows($result)!=0)
			{
				while ($row=mysql_fetch_assoc($result))
				{
					$_SESSION["quyen"]=$row["quyen"];
				}
				
				$_SESSION["user"]=$_POST["user"];
				
				$_SESSION["login"]=1;
				
				
				
				echo"<script>alert('Ä�Äƒng nháº­p thÃ nh cÃ´ng')</script>";
				
				echo"<script>windown.location='index.php';</script>";
			}
			else
				
				echo"<script>alert('KhÃ´ng cÃ³ user hay pass nÃ y ');</script>";
				
		}
	
	}

?>